<?php

require_once "dbconnect.php";

$username = $_POST['username'];
if( empty($username) ) $username = $_GET['username'];

$email = $_POST['email'];
if( empty($email) ) $email = $_GET['email'];

if( !empty($username) ){
	$sql = "SELECT * FROM user WHERE username='".$username."' AND status='1'";
	$sql2 = "UPDATE user SET password='".md5("Pass@1234")."' WHERE username='".$username."' AND status='1'";
}
else 
{
	$sql = "SELECT * FROM user WHERE email='".$email."' AND status='1'";
	$sql2 = "UPDATE user SET password='".md5("Pass@1234")."' WHERE email='".$email."' AND status='1'";
}
if( !($res = $db->query($sql)) ) echo json_encode(array("status"=>"error"));
if( $res->num_rows > 0 ){
	if( !($res = $db->query($sql2)) ) echo json_encode(array("status"=>"error"));
	if( $db->countAffected() > 0 ){
		$return = array("status"=>"ok");
		//TODO: send email to email address
		//send_email($email);
	} else {
		$return = array("status"=>"error");
	}
} else {
	$return = array("status"=>"error");
}
echo json_encode($return);

?>
